Samsung has just released details of September’s firmware update for Galaxy users, which is more complex than usual, including some critical missing updates. As ever, you can expect this to start rolling out to the newest flagships imminently.
Samsung’s release combines a raft of wider Android fixes as well as those just for its own devices. The highlight of Android’s security bulletin is CVE-2024-32896, which Google again warns “may be under limited, targeted exploitation.” The good news for Samsung users, is that those who have received the August update have already had this patch—it was behind CISA’s update now warning for the end of last month. Those not on a monthly update schedule will get the patch when they next update.
But the bad news for Galaxy users is that—once again—they are running a month behind when it comes to critical, third-party hardware updates. This month, a critical Qualcomm update from last month’s Android security bulletin (CVE-2024-23350) makes it way to Samsung devices, while the two critical Qualcomm updates this month (CVE-2024-33042 and CVE-2024-33052) are absent.
Samsung warns that “some patches to be received from chipset vendors may not be included in the security update package of the month. They will be included in upcoming security update packages as soon as the patches are ready to deliver.” Assuming these relate to Samsung devices, we can expect these next month.
The other headline from Android’s update this month will be removing the Showcase app from devices, which I reported on in August. This was presented by a security vendor as a serious threat, but dismissed by Google as a non-issue for users.
From a Galaxy user perspective, nothing especially stands out amongst the 23 Samsung specific high but mostly moderate severity fixes. That said, we have started to get used to some fixes appearing to be more serious than first thought some time after release. And it’s worth nothing that Samsung also warns users that “some items included in the Samsung Android Security Update cannot be disclosed at this time.”
Galaxy users will be more concerned about the One UI 6.1.1 update than regular fixes. As SamMobile explains, the other bad news is that while the update “debuted with the Galaxy Z Flip 6 and the Galaxy Z Fold 6 and was expected to be released to other devices last month. However, Samsung hasn’t released the update yet.”
Meanwhile, make sure you apply the update as soon as it download as to your device. There have been enough Android and Samsung vulnerability warnings in recent months to make timely updating a sensible priority.